Component 1: the master database

The government already has plenty of data. It has identity records, financial records, tax records, safety inspection records, traffic violation records, police reports, court records, and on and on.

But there’s a problem: this data is spread across hundreds of poorly-connected databases controlled by dozens of government agencies that don’t talk to each other, creating what policymakers call “data islands”.

Maybe the General Administration of Customs knows that Corporation X has a history of import violations, and the Ministry of Ecology and Environment knows they’re big polluters, but that information is unknown to the city government of Shanghai, who selects this risky company to build a big local infrastructure project.

Or maybe the local government of City X is often irresponsible with budget money and doesn’t meet its policy targets, but this information gets lost in a sea of records, or hidden by corruption and nepotism, and the central government can’t pinpoint the source of local woes.

Or perhaps shady Travel Agent X bounces from city to city, selling shoddy, dangerous tours and counterfeit tickets, but has only ever been reprimanded by local travel bureaus, and never taken to court. Without a central record of the violations, it’s all too easy for this person to continue running scams.

So from the Chinese government’s point of view, the first step of regulating the market (and the individuals within it) is to get all this data collected in one central place where everyone who needs access to the information can get it.

That, essentially, is what the current incarnation of the social credit system is: a massive push to get all existing data flowing into one database.

That database has already been created. It’s called the National Credit Information Sharing Platform, 全国信用信息共享平台 (NCISP).1 NCISP is controlled by the central government, and it’s the primary clearinghouse for social credit files on individuals and corporations.

The National Credit Information Sharing Platform

The NCISP already contains a staggering amount of information, submitted by city and provincial governments, state agencies, and the central bank. There’s a national committee of government departments that are participating in the SCS buildout. As of August 1, 2019, there are 46 government agencies on the committee, many of whom we know will add their data sets to the master credit files (see them all in Appendix 1).2 The NCISP will collect info from agencies on a national level, and it will also suck up data from provincial- and city-level government departments.

Government documents lay out in great detail exactly which records the central database will contain, which government agency will contribute which datasets, as well as which records will be open to the public and which won’t.

The most recent document about the contents of the central database was released in 2016.3 The document outlines 400 different categories of datasets that will be included in the master database.

One of the more interesting points uncovered through looking at the central government document (and related sources) is that around 80% of the data in the national database relates to companies, rather than individuals, and 75% of that is earmarked as “open to the public”.4This will include data on both domestic corporations, and foreign companies doing business in China.5

We’ve also seen some documentation from a few different provinces and cities outlining exactly what will be in their databases, and these documents are even more wide-ranging. The Hubei provincial database, for example, will contain nearly 8000 datasets.6 The Suzhou city database will contain 130. 7

Legal representative, senior management, number of personnel, special types of personnel (number of high school graduates, women, people with disabilities, veterans), personal credit violation records of key personnel

Number of Communist Party members employed, number of Communist Youth League members employed, official Party branches

Implications for companies doing business in China

Given the amount of data being gathered on corporations, the possibilities of inaccuracies creeping into credit files is very real. Companies will need to take a proactive approach to understanding what data the government has, and allocate resources to proactively manage the accuracy of their credit files.

Data disclosure might also become an issue. Though the government has expressly stated that trade secrets would be protected from publication, China’s data privacy laws are weak, and the system may require the publication of some sensitive information.

Data on individuals

A selection of different documents also give us a look into what kind of information is generally being compiled on individuals.

General overview of personal data included in the SCS

Identity and employment information

Name, ID number, other basic identifying information, professional qualifications, registration as legal representative or senior management of any company

We also know what isn’t being gathered on individuals. There are specific prohibitions on the inclusion of data about the following things in social credit records:

Religious beliefs

Fingerprints

Genes

Medical history

Blood type

Contrary to what has been reported, there is also no evidence to support the claim that items purchased online through ecommerce shopping platforms are currently being recorded in the national SCS database. We dig a little deeper into this in our section on tech platforms.

How data will be used

The central government is offering up different levels of access to SCS data to different public and private sector entities, to conduct different types of credit assessments. Remember, the Chinese definition of “credit” here extends beyond the financial sphere, and means both one’s ability to repay debts, as well as one’s trustworthiness, or sense of civic responsibility.

How different authorized parties will use SCS data

Who

How they’ll use the data

State agencies

Assess the compliance of people, companies, and organizations within their jurisdiction

Local governments

Assess the legal, civic, and professional conduct of citizens and businesses in their areas

Financial institutions

Find out whether or not a person or company poses a lending risk

The central government

Find out whether lower levels of government are following orders and fulfilling social and financial obligations

Tech platforms

Assist the government in punishing and rewarding credit offenders, assess lenders on fintech platforms, and offer preferential services to those with good credit

Industry associations

Assess the service quality, solvency, and corporate responsibility of companies and professionals in their sector

We’ll cover all of these in later sections.

Risk prediction

There are also hopes that social credit data can be used as a risk prediction tool, rather than just a mechanism for reactive punishment. In other words, instead of just issuing punishments for bad credit after violations happen, they want to use computational tools to determine targets for inspections or take proactive action before problems (like public safety incidents or tainted food scandals) actually occur.

This idea applies more to companies than individuals. A 2017 policy states that those companies whose records have been flagged in three areas will be placed on a “Big Data Alert List”, and an “early warning” will be issued publicly. 8